<?php
/*
iSuS - iScripting.net User System
v1.0 made by Panzer
http://www.iScripting.net
Copyright must stay intact
*/

//Checks to see if theyre allowed to edit their profile
if ($userCan['editprofile']) {
//Double security incase the admin hasn't set a guest membergroup
if ($uId) {

//If the form hasn't been submitted, show it.
if(!$_POST['update']) { 

?>

<form method="post">
<table width="50%">
<tr><td>Location: <input type="text" size="25" maxlength="25" name="location" value="<?php echo "$uLocation"; ?>" </td></tr>
<tr><td>MSN Messenger: <input type="text" size="25" maxlength="25" name="msn" value="<?php echo "$uMsn"; ?>" </td></tr>
<tr><td>AOL Messenger: <input type="text" size="25" maxlength="25" name="aim" value="<?php echo "$uAim"; ?>" </td></tr>
<tr><td>GTalk: <input type="text" size="25" maxlength="25" name="gtalk" value="<?php echo "$uGtalk"; ?>" </td></tr>
<tr><td>Email: <input type="text" size="25" maxlength="25" name="email" value="<?php echo "$uEmail"; ?>" </td></tr>
<tr><td></td></tr>
<tr><td>Bio: <textarea cols="40" rows="10" name="bio"> <?php echo "$uBio"; ?> </textarea></td></tr>

<tr><td><input type="submit" name="update" value="update"></td></tr>
</table>

</form>

<?php

}
//Or else it has been submitted...
else
{
//Get information from the forums, secure it all.
$location = secure($_POST['location']);
$msn = secure($_POST['msn']);
$aim = secure($_POST['aim']);
$gtalk = secure($_POST['gtalk']);
$email = secure($_POST['email']);
$bio = secure($_POST['bio']);

echo 'Your profile has been updated';

//A query to update everything
$update = mysql_query("UPDATE users SET email = '$email', msn = '$msn', aim = '$aim', gtalk = '$gtalk', location = '$location', bio = '$bio' WHERE username = '$uName'");

}
}
else
{
echo 'login';
}
} else {

echo 'You cannot edit your profile';

}

?>